How K-12 Schools Can Improve Network Protection

EducationWeek recently published the article “Schools Aren’t Doing Enough to Protect Their Networks, Top Cybersecurity Official Warns.” The general theme of the article is that K-12 schools are under increased pressure from cyber attacks and they need to do more to protect their networks.
This is fact. Attackers have clearly stepped up attacks on K-12 schools. Before the pandemic (if you can remember that!), K-12 schools were under increased pressure with attackers viewing them as softer targets as a result of resource constraints (budget, people, security controls). The pandemic has only served to increase the attractiveness of K-12 schools as a target due to an exponential increase in attack surface driven by virtual learning.
This was validated by last month’s Joint Cybersecurity Advisory from the FBI, CISA, and MS-ISAC – Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data.
The Advisory indicates that:
“The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) educational institutions, leading to ransomware attacks, the theft of data, and the disruption of distance learning services. Cyber actors likely view schools as targets of opportunity, and these types of attacks are expected to continue through the 2020/2021 academic year. These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments.”
It also indicates that “according to MS-ISAC data, the percentage of reported ransomware incidents against K-12 schools increased at the beginning of the 2020 school year. In August and September, 57% of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July.”
This is a valid point that many will agree on. However, we think that many will also agree that K-12 schools can’t do it by themselves. As the article indicates, the need for stronger federal support for cybersecurity for K-12 and state and local government organizations has never been higher.
In addition to increased funding, another critical thing that needs to happen is increased collaboration between K-12 schools and other state and local government organizations when it comes to using and sharing \threat intelligence. It is well known that threat actors’ playbooks heavily rely on industry-specific campaigns. This has led to the increasing importance of industry-specific threat intelligence and sharing when it comes to cyber defense.
Related to the above, the article provides a few data points that are concerning.
Let’s talk about a few simple and affordable steps K-12 schools can take to improve cyber defenses and reduce their risk from cyber attacks.
At ThreatBlockr, we have lots of school districts using our platform and our interactions with schools have never been higher. This is a great sign because it indicates K-12 schools are looking at ways to better protect their networks.
The ThreatBlockr platform helps K-12 Schools detect and block more threats by:
At ThreatBlockr, we’ve combined threat intelligence, automation, and threat prevention into a platform that is both simple to use and affordable for K-12 schools.
At ThreatBlockr, We Believe Nothing Scales Like Simplicity. We Make Blocking Threats Smart and Simple – at Scale – Everywhere.
To learn more about how ThreatBlockr can help your school check out our Education Data Sheet and Schedule a Demo.